SentinelOne Terms & Conditions



Specific Ransomware Warranty for MEDR

Ransomware Warranty. During the Ransomware Warranty Agreement, so long as the Customer also subscribes to the Service in compliance with the Agreement the Customer’s Endpoints will be protected by the Service which will screen for any Ransomware. The Ransomware Warranty granted herein shall apply to all such Endpoints provided that:
(a) The Service is are deployed in the Endpoints in accordance with the Documentation and such Endpoints are currently active and properly configured.

(b) Only Files that are on Endpoints are covered under this Ransomware Warranty.

(c) All Endpoints of the Customer have the following required configurations:

(i) Services:

Policy mode options are set to Threats: Protect and Suspicious: Protect.
All Engines are set to ON.
Cloud Connectivity is not disabled.
Anti-Tamper is turned ON
Snapshots are turned ON
Scan New Agents is turned ON
The latest General Availability (GA) version (or GA with a critical security Service Pack (SP), if issued) or the GA (or GA with a critical SP, if issued) version immediately preceding such latest GA version, of the SentinelOne Windows Endpoint Agent (as specified in the SentinelOne Knowledge Base “Latest Information” article) is deployed prior to the time of Ransomware infection.
There are no Pending Actions (such as Reboot) listed on any covered Endpoint.
A supported version of the Management Console is deployed.
Exclusions specified in the SentinelOne Knowledge Base “Not Recommended Exclusions” article, are not deployed in the Management Console or Agent.
(ii) Operating system:

The Ransomware Warranty applies to Standard (not Legacy) Windows Agents, and on supported versions of Microsoft Windows (as specified in the SentinelOne Knowledge Base “System Requirements” article).
Each endpoint is malware-free prior to SentinelOne Windows Agent installation.
OS is fully updated and patched on each covered Endpoint, and all compromised applications are updated to latest releases.
VSS (Volume Shadow Copy Service) is enabled and functioning on all Windows endpoints. VSS Disk Space Usage allocation must be configured with at least 10% on all disks.
(d) The Customer adheres to the following manual actions post infection (i.e. discovery of Ransomware):

immediately adds the specific Ransomware threat to blacklist;
in case the Ransomware was not blocked but only detected – takes a remediation and rollback action within 1 hour of infection/discovery of the Ransomware; and
notifies SentinelOne of the Ransomware discovery within 24 hours at Ransomware
This Section 1(d) shall not apply if the Customer is subscribed to the Vigilance Response service during the Ransomware Warranty Agreement. Scope of the Ransomware Warranty. Subject to the terms of this Ransomware Warranty, including the specific requirements of Section 1 above, in case of a successful ransomware attack on Customer Endpoints covered by the Ransomware Warranty, as shown in SentinelOne’s logs and other records, SentinelOne will pay as sole and exclusive remedy to the Customer actual damages caused by such attack, capped at $1,000 USD per Endpoint affected by a Breach, and further capped at $1,000,000 USD for every consecutive 12 months in which Customer subscribes to the Service with respect to the affected Endpoint. For the avoidance of doubt, the recovery amount set forth herein is limited to 1,000 Endpoints for each applicable 12-month period.

Condition Precedent to Ransomware Warranty Payment. SentinelOne shall only provide the remedy for the Breach of the Ransomware Warranty as described above if (i) the Ransomware attack has occurred, is discovered by the Customer and reported to SentinelOne during the Ransomware Warranty Agreement and Customer’s subscription to the Service under the Agreements; (ii) Customer’s Endpoints and the Service are configured in accordance with the Documentation and Section 1 above; (iii) the Customer demands in writing to recover for damages caused by the Breach; and (iv) sufficient evidence is provided by Customer supporting the Ransom demand amount for each Ransomware infection covered by this Ransomware Warranty.
Exclusions: The Ransomware Warranty shall not apply to a breach caused primarily by (i) any deployment, configuration and/or use of the Service (or a portion thereof), for any or no reason, in a manner inconsistent with the Documentation or the requirements of Section 1 herein; (ii) Customer’s negligence or misconduct; or (iii) other products and/or service which directly or indirectly cause the malfunction or non-performance of the Service with respect to the subject Ransomware.
Sole and Exclusive Remedy. The aforementioned remedy for the Breach shall be the Customer’s sole and exclusive remedy and the entire liability of SentinelOne for any Breach of the Ransomware Warranty.
The capitalized terms below shall have the following meaning:
“Breach” means the unauthorized access to at least one Customer Endpoint in the form of Ransomware which has caused material harm to the Customer, whereby “material harm” must include at least one of the following: (i) the unauthorized acquisition of unencrypted digital data that compromises the security, confidentiality, or integrity of personal information or confidential information maintained by the Customer; (ii) public disclosure of personal information or confidential information maintained by the Customer; or (iii) the compromise of at least one Customer Endpoint resulting the blocking of access to such Endpoint.
“Ransomware” means a malware software program that infects Customer’s systems from external sources (i.e. in the wild), which installs, persists and encrypts a large portion of files at the operating system level, and continuing to demand payment (the “Ransom”) in order to decrypt the encrypted files. For clarification, Ransomware does not include any malware introduced by the Customer or any third party to Customer’s internal systems, whether intentionally (i.e., malware testing) or through a breach in the system’s security.
“Endpoints” shall mean any computing device with a Microsoft Windows operating system, that has the Service installed per the Documentation under valid Agreements among JurisLockLock and the Customer.
Other Agreements and Conditions. Any other terms and conditions of the Agreement shall be unaffected by this Ransomware Warranty, except as expressly stated in the Agreement. In case of any conflict between the terms of this Ransomware Warranty and the terms and conditions within the Agreement relating to the Ransomware Warranty, the terms and conditions within this Ransomware Warranty shall prevail.
Miscellaneous. This Ransomware Warranty represents the complete agreement between the parties concerning the Ransomware Warranty granted hereunder and supersedes any and all prior agreements or representations between the parties. SentinelOne may revise the terms of this Ransomware Warranty from time to time in its reasonable discretion, provided that such revisions shall not reduce or eliminate the monetary remedy described in Section 2 herein. To the extent that SentinelOne pays to the Customer under the Ransomware Warranty, Customer agrees that SentinelOne shall acquire a subrogation right to assert a claim against the hacker who delivered the Ransomware to Customer and caused damages for which SentinelOne incurred Ransomware Warranty costs, and Customer further agrees to assist SentinelOne should it decide to assert a claim against such hacker. If any provision of this Ransomware Warranty is held to be unenforceable for any reason, such provision shall be reformed only to the extent necessary to make it enforceable.